<?php
	$uri = $_SERVER['REQUEST_URI'];
	$uri_var = explode('/', $uri);
	
	$count = count($uri_var);
	$dot = "";
	
	for($i=0; $i<$count-2; $i++)
	{
		$dot = $dot."../";
	}
?>
<?php include($dot.'mvz-config/system/begin.php'); ?>
<?php include($dot.'mvz-config/system/session_start.php'); ?>
<?php include($dot.'mvz-config/system/session.php'); ?>
<?php
	/* Start Process */
	
	$http_referer = $_SERVER['HTTP_REFERER'];
	$referer = explode("?",$http_referer);
	$url_referer = $referer[0];
	
	// Get User Info
	if(!isset($_POST['process_module_id']))	{$modid = "";}	else{$modid = sql_quote(trim($_POST['process_module_id']));}
	if(!isset($_POST['process_module_name']))	{$modname = "";}	else{$modname = sql_quote(trim($_POST['process_module_name']));}
	if(!isset($_POST['process_module_sub_id']))	{$modsubid = "";}	else{$modsubid = sql_quote(trim($_POST['process_module_sub_id']));}
	if(!isset($_POST['process_module_category']))	{$modcategory = "";}else{$modcategory = sql_quote(trim($_POST['process_module_category']));}
	if(!isset($_POST['process_type']))		{$type = "";}	else{$type = sql_quote(trim($_POST['process_type']));}
	if(!isset($_POST['process_userin']))	{$user = "";}	else{$user = sql_quote(trim($_POST['process_userin']));}
	if(!isset($_POST['process_usergroup']))	{$usrgrp = "";}	else{$usrgrp = sql_quote(trim($_POST['process_usergroup']));}
	if(!isset($_POST['process_datein']))	{$date = "";}	else{$date = sql_quote(trim($_POST['process_datein']));}
	
	$isValid = check_user_module_process_privilege($user, $usrgrp, $modcategory, $modid, $modsubid, $type);
	
	if($isValid)
	{
		/*
		echo "<pre>";
		print_r($_SESSION);
		echo "</pre>";
		*/
		
		if(!isset($_POST['txt_text_PK_id']))	{$PK_id = "";}	else{$PK_id = sql_quote(trim($_POST['txt_text_PK_id']));}
		if(!isset($_POST['txt_text_name']))	{$name = "";}	else{$name 	= sql_quote(trim($_POST['txt_text_name']));}
		if(!isset($_POST['txt_text_label']))	{$label = "";}	else{$label = sql_quote(trim($_POST['txt_text_label']));}
		if(!isset($_POST['txt_text_header']))	{$header = "";}	else{$header = sql_quote(trim($_POST['txt_text_header']));}
		if(!isset($_POST['txt_text_content']))	{$content = "";}	else{$content 	= sql_quote_html_sc_en($_POST['txt_text_content']);}
		if(!isset($_POST['txt_text_img_url']))	{$imgurl = "";}	else{$imgurl 	= sql_quote(trim($_POST['txt_text_img_url']));}
		if(!isset($_POST['rdo_text_img_sts']))	{$imgsts = "";}	else{$imgsts 	= sql_quote(trim($_POST['rdo_text_img_sts']));}
		if(!isset($_POST['txt_text_position']))	{$position = "";}	else{$position 	= sql_quote(trim($_POST['txt_text_position']));}
		if(!isset($_POST['rdo_text_activate']))	{$activate = "";}	else{$activate 	= sql_quote(trim($_POST['rdo_text_activate']));}

		// echo "modid : ".$modid." -<br />";
		// echo "modname : ".$modname." -<br />";
		// echo "modsubid : ".$modsubid." -<br />";
		// echo "modtype : ".$modcategory." -<br />";
		// echo "type : ".$type." -<br />";
		// echo "user : ".$user." -<br />";
		// echo "usrgrp : ".$usrgrp." -<br />";
		// echo "date : ".$date." -<br />";
		
		// echo "PKid : ".$PK_id." -<br />";
		// echo "name : ".$name." -<br />";
		// echo "label : ".$label." -<br />";
		// echo "header : ".$header." -<br />";
		// echo "content : ".$content." -<br />";
		// echo "imgurl : ".$imgurl." -<br />";
		// echo "imgsts : ".$imgsts." -<br />";
		// echo "position : ".$position." -<br />";
		// echo "activate : ".$activate." -<br />";
		
		// echo "decodehtml : ".sql_quote_html_sc_de($content)." -<br />";
		// die();
		
		if($type == "EDIT")
		{
			$sql = " update tbl_text ";
			$sql .= " set ";
			$sql .= "  	textlabel = '".$label."',
						textheader = '".$header."',
						textcontent = '".$content."',
						texturlimage = '".$imgurl."',
						texturlimagestatus = '".$imgsts."',
						textposition = '".$position."',
						textstatus = '".$activate."',
						userup = '".$user."',
						dateup = '".$date."'
							
					";
			$sql .= " where textid = ".$PK_id." and moduleid = '".$modid."' and stsrc = 'A'
					";
			
			$exe = mysql_query($sql) or die(mysql_error());
			
			$string_log = "Edit data Text ".$PK_id." - ".$label." ";
			$string_msg = "Data ".$label." succesfully changed";
		}
		else
		{
			$string_log = "Error : Module Text";
			$string_msg = "Error";
		}
		
		addLogByUsername($string_log);
		setSessionMsg($string_msg);
		header("Location: ".$url_referer);
	}
	else
	{
		addLogByUsername("Access Denied : Module Text");
		setSessionMsg("Access denied");
		header("Location: ".$url_referer);
	}
	
	
	/* End Process */
?>
<?php include($dot.'mvz-config/system/end.php'); ?>